Re: Windows Authentication and Anonymous login URGENT

From: Joseph E Shook (JoeShook_at_DeploymentCentric.com)
Date: 07/26/03

Next message: Harley: "Protected folder with forms authentication"

Previous message: chris: "Access and database connection"
In reply to: Silvia Brunet-Jones: "Windows Authentication and Anonymous login URGENT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 26 Jul 2003 14:05:24 -0700

My gut feeling on this is to deploy your web site two times. One deployment
will be for your internal users. The second deployment will be for you
external users. The code base should be identical. Just configure your
web.config according to thee users locations. You can run both deployments
on the same machine if need be, just create two different web instances.
Then set up the network to only allow external users to hit the external
instance and only allow the internal users to hit the internal instance. If
you try to code this behavior there seems to be to much room for failure in
the future. Because today you may be able to reliably check the referer url
but tommorrow your firewall/proxy server access to the extern may not allow
you to figure out exactly where the user came from. Anyways there is some
more food for thought.

"Silvia Brunet-Jones" <sbrunet_jones@hotmail.com> wrote in message
news:0b9701c352c4$341f4cc0$a501280a@phx.gbl...
> I really need some help on this.
> What I am trying to do is this. My application is a web
> application that runs in my intranet. I am giving access
> to the web pages through the internet to my intranet
> users. However I need to be able to tell a difference if
> they have login through the intranet, which window
> authentication just lets them in, or through the internet
> where the login pop up box asks for their username and
> password.
> My second issue is that I need to let anonymous users into
> my default.aspx page but if my intranet users hit this
> page it needs to redirect them to a different
> default.aspx. But I cant tell the difference if the user
> logs in through the intranet or the internet. How can I
> achive this?

Next message: Harley: "Protected folder with forms authentication"

Previous message: chris: "Access and database connection"
In reply to: Silvia Brunet-Jones: "Windows Authentication and Anonymous login URGENT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Windows Authentication and Anonymous login URGENT
... NTFS protected page to throw up the NTLM auth box. ... > Then set up the network to only allow external users to hit the external ... >> application that runs in my intranet. ... >> authentication just lets them in, or through the internet ...
(microsoft.public.dotnet.framework.aspnet.security)
=?iso-8859-1?q?[Solved]_Sicherheitsmeldung_beim_=F6ffnen_von_z=2EB=2E_Zip-Dateien_auf_ei
... Windows XP Pro Sp1 / IE7. ... Ich finde das sowas von irritierend (Internet Explorer? ... Intranet will. ...
(microsoft.public.de.german.windowsxp.sonstiges)
Re: .NET apps not being recognized as being in the Intranet Zone
... that the network share is on to the "Intranet Sites" list. ... belongs to the IntRAnet zone, not the IntERnet zone. ... So, my .Net 2.0 program, to get to run from a network share, required ...
(microsoft.public.dotnet.languages.csharp)
Re: Is it safe to use social securty number as intranet username? (long)
... Our *intranet* has DIRECT access to the ... It's a *corporate* LAN that spans several countries! ... There's plenty of 'software' sniffers out ...
(comp.security.misc)
Re: Is it safe to use social securty number as intranet username? (long)
... Our *intranet* has DIRECT access to the ... It's a *corporate* LAN that spans several countries! ... There's plenty of 'software' sniffers out ...
(comp.security.misc)